Ransomware Attacks – Lexology

Ransomware attacks have become ubiquitous. Threat actors continue to develop more sophisticated—and malicious—tactics, including double extortion attempts involving both ransomware and data theft. The attackers show no sign of stopping.

Proactive preparation is essential: there is no time to ponder how to act once ransomware hits. Lost revenue from halted business operations, and reputational harm among customers, business partners and the public can be devastating. The best time to prepare for an attack is before it occurs. Hunton Andrews Kurth LLP has the experience to help.

Ransomware Experience

Our top-tier privacy and cybersecurity practice has over two decades of experience assisting clients in managing all types of cybersecurity incidents, including ransomware attacks. We recently advised on one of the highest profile ransomware attacks in history relating to the largest US refined products pipeline. We assist with every aspect of these security incidents, including assisting with the recovery of compromised systems and business information, preparing external and internal communications, assessing potential notice obligations under applicable law and contracts, and evaluating legal considerations specific to ransomware, such as government sanctions issues.

We frequently retain third-party experts to assist with incident response, including forensic investigators and ransom negotiators. Our cybersecurity lawyers work extensively with service providers in the cyber arena, including highly skilled forensic firms that assist with technical aspects of an investigation, ransomware specialists who engage and negotiate with the attackers, and PR firms that have particular expertise in this area. We have strong relationships with all the key players in the industry.

In addition to handling incident response and disputes arising from these events, our cybersecurity work also includes cybersecurity readiness planning. We often assist clients in preparing multi-functional incident response plans and related incident response procedures (such as ransomware playbooks), as well as conducting executive-level cybersecurity tabletop exercises that include complex cybersecurity…